kernel-yocto: make kernel commits reproducible

The git commit hashes for the kernel checkout are not reproducible under
certain conditions:

- If the git repository is initialized on an archive (rather than a
  git), the initial git commit not only has the current user name set,
  it also uses the current system time as committer and author date.
  This will affect the initial git hash and thus all subsequent ones.

- The patches applied by the kern-tools have a valid author and date.
  However, their committer again depends on the user building the BSP.

This is an issue, for example, if one compiles a kernel with
CONFIG_LOCALVERSION_AUTO enabled where the commit hash lands into the
kernel and thus the package version. This not only makes the package
version non-reproducible, but also leads to version mismatches between
kernel modules built against a fresh kernel checkout and the kernel
retrieved from the sstate cache.

The class uses 'check_git_config' from utils.bbclass, but this only sets
the git user and only if none existed before. Thus it doesn't really
help here.

Since in Git the committer information can be set only from the
environment variables GIT_COMMITTER_NAME, GIT_COMMITTER_EMAIL, and
GIT_COMMITTER_DATE, we introduce a helper function to set those and
apply the author settings in the same way.
As values simply use PATCH_GIT_USER_NAME, PATCH_GIT_USER_EMAIL (from
patch.bbclass) and SOURCE_DATE_EPOCH.
For convenience, put the new helper 'reproducible_git_committer_author'
into utils.bbclass next to 'check_git_config' so others can use it, too.

Using this helper in kernel-yocto.bbclass makes the committer and author
date/name/email for the initial commit reproducible, as well as the
committer name/email for the patches applied with kern-tools.

For debugging purpose, allow disabling the reproducibility features by
setting KERNEL_DEBUG_TIMESTAMPS to "1".

Suggested-by: Felix Klöckner <F.Kloeckner@weinmann-emt.de>
(From OE-Core rev: aab4517b4649917abd519ea85a20fd9d51bf3d99)

Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 6 insertions, 0 deletions

diff --git a/meta/classes-recipe/kernel-yocto.bbclass b/meta/classes-recipe/kernel-yocto.bbclass
index 7d80e9aa52..697132c073 100644
--- a/meta/classes-recipe/kernel-yocto.bbclass
+++ b/meta/classes-recipe/kernel-yocto.bbclass
@@ -352,6 +352,9 @@ do_patch() {
         cd ${S}
 
         check_git_config
+        if [ "${KERNEL_DEBUG_TIMESTAMPS}" != "1" ]; then
+                reproducible_git_committer_author
+        fi
         meta_dir=$(kgit --meta)
         (cd ${meta_dir}; ln -sf patch.queue series)
         if [ -f "${meta_dir}/series" ]; then
@@ -434,6 +437,9 @@ do_kernel_checkout() {
                 rm -f .gitignore
                 git init
                 check_git_config
+                if [ "${KERNEL_DEBUG_TIMESTAMPS}" != "1" ]; then
+                        reproducible_git_committer_author
+                fi
                 git add .
                 git commit -q -n -m "baseline commit: creating repo for ${PN}-${PV}"
                 git clean -d -f